SAN JOSE, California--Elaborating on plans to build security
into its chips and other hardware, Intel today outlined its vision for
"creating the trusted PC," building on the widespread acknowledgement that
putting security in hardware, rather than software, is more robust.

Patrick Gelsinger, group vice president of Intel's desktop products group, also
detailed the giant chipmaker's stepped-up lobbying on privacy and
government controls on exporting strong encryption.

"Intel will deliver the security building blocks to enable the trusted,
connected PC," Gelsinger said at the RSA Data
Security conference, expanding on the announcement earlier this week of a
broad partnership with RSA.

"Security is only as a strong as the foundation, and hardware means
stronger trust," he said, indicating plans to include security in its
Pentium III chips, chipsets, motherboards, and other products.

"We are not replacing software, we are building a foundation for trusted
software," he said.

Gelsinger also promoted Intel's Common Data Security
Architecture [CDSA], a framework for infusing security into
all aspects of computers built with Intel chips. In addition to its own CDSA, Intel products will enable Microsoft's Crypto API [CAPI] and RSA's security framework.

Yesterday, Ireland's Baltimore Technology said it will create CDSA software tools for markets outside North America.

This year, Intel will add serial numbers to each Pentium III processor, making it easier to identify the specific machine being used in an online environment, Gelsinger said. The chipmaker also will add a random number generator, a common cryptographic technique, to the chipset. The RNG will use the thermal noise of semiconductor resistors to create random numbers, thus enabling better cryptography and digital signing protocols.

The chips will ship by the end of March, he said.

Further, through its pending acquisition of Shiva, Intel's networking group will
support IPSec, an important Internet security standard.

"We are happy and surprised by enthusiasm from application developers for
the processor serial numbers," Gelsinger said, adding that 30-plus software
developers have committed to write both consumer and business software that
takes advantage of putting a unique number on every Pentium III processor.

Next year, Intel will add authentication capabilities to its offerings, and
in 2001 will deal with peripheral devices.

On the public-policy front, Gelsinger campaigned hard for lifting U.S.
limits on encryption exports, a popular stand at the conference.

"The government should not limit the global deployment of necessary
encryption technology. Intel wants to ship products on a global basis, run
our business on a global basis, conduct e-commerce on a global basis, and
manufacture products on a global basis," he said.

He praised this week's announcement by France that it would soften its
controls of encryption, deregulate the use of strong, 128-bit encryption
within France, and spend more on security research.

"The right policy is fighting technology with technology," Gelsinger said.
Intel strongly opposes secret "back doors" in encrypted products that allow
the government to obtain the cryptographic keys to decrypt scrambled data, he said.

On privacy, he said Intel will build into its chips the ability for
individuals to control whether to hide their identity online. Intel also
will make people aware of the kind of data being collected about them.

Some online privacy advocates worry that serial numbers will allow a
way to track individuals on the Internet. But Intel counters that concern by arguing that serial numbers would improve security and protect the privacy of individual users.

"This does not in any way limit anyone's privacy or capabilities in terms
of what they can do," according to Intel spokesman Seth Walker. "Intel will never keep a list of processor numbers of which processors go where. This is designed to bring greater security to end users and help grow the pervasiveness of e-commerce worldwide."

As an example, he argued that individuals would be more willing to send personal medical information over the Net if they had the additional layer of security provided by serial numbers on their hardware.